More important is the far bigger geopolitical issue that we need to get over. The United States has a choice, it can either figure out a way to work with China, which will be very difficult, or embark upon a new Cold War in Asia, which will be very expensive. That I leave to the China experts. On my topic, while the United States will need a grand strategy for cybersecurity, we need not unquestionably bow to an Electronic Pearl Harbor or Cyber Katrina thinking and paint the PRC as a monstrous, monolithic cyber threat.

Answers to the question of how to secure cyberspace will largely not be found in the Pentagon, but rather in Silicon Valley, Bangalore, Helsinki, Seoul or anywhere else software makers may be congregate. That is because, in the words of AT&T cybersecurity chief Ed Amoroso, “software engineering has to grow up soon.” We will not buy cybersecurity like we do national security. There isn’t an F-22 to protect us in cyberspace. The activity will be far more organic and broad in nature than procuring a capability or platform, and it will take time.

Christopher Bronk is the Baker Institute fellow in technology, society and public policy. He previously served as a career diplomat with the United States Department of State on assignments both overseas and in Washington, D.C.